c=ChainAaa
# 3. append the blackhole rule to the chain
# --------------------------------------------------
r2="--jump DROP"
# the blackhole rules:
#   tcp
sudo iptables --table filter --append $c \
     --protocol tcp  --syn \
     $r2 \
     --match comment \
     --comment "the black hole tcp"
# 🦜 : Here we used --syn to only drop inbound connection establishment request

#   udp
sudo iptables --table filter --append $c \
     --protocol udp \
     $r2 \
     --match comment \
     --comment "the black hole udp"

#   icmp
sudo iptables --table filter --append $c \
     --protocol icmp \
     $r2 \
     --match comment \
     --comment "the black hole icmp"

# ==================================================
# ipv6

sudo ip6tables --table filter --append $c \
     --protocol tcp  --syn \
     $r2 \
     --match comment \
     --comment "the black hole tcp ipv6"
# 🦜 : Here we used --syn to only drop inbound connection establishment request

#   udp
sudo ip6tables --table filter --append $c \
     --protocol udp \
     $r2 \
     --match comment \
     --comment "the black hole udp ipv6"

#   icmp
sudo ip6tables --table filter --append $c \
     --protocol icmp \
     $r2 \
     --match comment \
     --comment "the black hole icmp ipv6"
